A data controller tried to get the CD back once they realised their mistake but it had already been put to landfill.

It was misplaced in the course of an office move and the ICO reported that the trust had "strengthened" its data security since the loss.

An ICO spokesperson said: "While there is no evidence to suggest that any of the data was accessed, this case highlights that clear policies and procedures should be put in place to support staff when handling personal information as part of an office move."

However, the ICO said it had not served an enforcement notice on the trust on the understanding that it reviewed its security policies.

Eastern and Coastal Kent Primary Care Trust'schief executive, Ann Sutton, said they had investigated the mistake themselves and were in the process of implementing some changes.

"We have already strengthened our information governance policies, procedures and training on the basis of our internal investigation of the incident."

"The Information Commissioner’s recommendations to improve them further will be implemented fully."